The Agent Skills Directory

[SAFE]: The skill implements legitimate data processing logic for construction estimation. No malicious patterns such as remote code execution, obfuscation, or data exfiltration were found.
[PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection via data ingestion from external files. 1. Ingestion points: Data ingestion occurs in SKILL.md via the load_pricing_rules_from_df and load_qto_from_df methods which parse CSV or Excel data. 2. Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the instructions.md file. 3. Capability inventory: The skill uses filesystem permissions to export data to Excel using openpyxl. No network or system-level command execution capabilities are present. 4. Sanitization: The skill performs type conversion for numeric and enum fields, but no textual sanitization is applied to input strings before they are processed or output.

auto-estimate-generator